package com.group.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.group.domain.User;

/**
 * 拦截器，对用户权限进行管理
 * 
 * @author cc
 * @version 1.0
 */
public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
    	// 检查用户是否已登录
        User user = (User) request.getSession().getAttribute("loggedInUser");
        
        if (user == null) {
            // 用户未登录，重定向到登录页
            response.sendRedirect(request.getContextPath() + "/user");
            return false;
        }
        System.out.println(user.getUsername());
        // 检查用户是否为管理员
        if (!user.getRole()) {
            // 如果不是管理员，重定向到其他页面（这里假设是普通用户的页面）
            response.sendRedirect(request.getContextPath() + "/userInfo");
            return false;
        }

        // 用户已登录且为管理员，放行
        return true;
    }
    //在处理完成后执行
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
        // Do something after completion
    }

    // 在整个请求完成后执行
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
        
    }

    

}
